Fiverr denies leak of sensitive documents (opens in new tab)

(xcancel.com)

9 pointsshepherdjerred24d ago4 comments

4 comments

I was curious what happened after the incident yesterday (https://news.ycombinator.com/item?id=47769796)

> To be clear, this is not a cyber incident. Fiverr does not proactively expose users' private information. The content in question was shared by users in the normal course of marketplace activity to showcase work samples, under agreements and approvals between buyers and sellers. This type of content requires the buyer's consent before it can be uploaded. As always, any request to remove content is handled promptly by our team.

This is... not a great response

altairprime24d ago

In legal terms, it’s interpretable as “don’t fault us for user-generated content”. While that may technically be correct, to host their UGC upload directory on an indexable share is — voluntary or involuntary — either cloud incompetence or cloud negligence. The work samples between a buyer and a seller should never have been made default-public through any process controlled by Fiverr, but certainly I’ll concede it’s both simpler and cheaper to do it through no-auth links and then externalize liability onto their customers.

SunshineTheCat24d ago

> Fiverr does not proactively expose users' private information.

This is such a weird thing to say, has any company ever "proactively exposed users' private information"?

Isn't that kinda taken for granted that most data breaches, leaks, bugs weren't meant to happen?

eviks24d ago

> Fiverr does not proactively expose users' private information.

Yes, just "did" and "actively"

j / k navigate · click thread line to collapse

4 comments

shepherdjerredOP24d ago

I was curious what happened after the incident yesterday (https://news.ycombinator.com/item?id=47769796)

This is... not a great response

altairprime24d ago

SunshineTheCat24d ago

> Fiverr does not proactively expose users' private information.

This is such a weird thing to say, has any company ever "proactively exposed users' private information"?

Isn't that kinda taken for granted that most data breaches, leaks, bugs weren't meant to happen?

eviks24d ago

> Fiverr does not proactively expose users' private information.

Yes, just "did" and "actively"

j / k navigate · click thread line to collapse